Talk:T1 Font Integer Overflow

Discussion page of T1 Font Integer Overflow

Assignment

This article originally belonged to i0n1c's exploit (see "what links here"). Now also Saffron links here. Is this the same kernel exploit? --http 00:21, 7 July 2011 (UTC)

I'm not sure. If this was the original untether for i0n1c, then the information I put needs to be moved. I'm confused since there was no common name for the exploit he created. I saw it in Saffron and assumed it was the new one because of the confusion. Safest bet is to move it to a new page under DejaVu. --JakeAnthraX 00:39, 7 July 2011 (UTC)
This is indeed i0n1c's untethering exploit. I'll move this page (temporarily) to "DejaVu." --Dialexio 01:19, 7 July 2011 (UTC)

Ok, but there's still a lot wrong:

I haven't understood everything yet, so I'll refrain from fixing it. --http 06:54, 7 July 2011 (UTC)

I fixed the first bullet. The terms "userland exploit" and "kernel exploit" seem to be synonymous. i0n1c never made a jailbreak; he just exploited the ndrv_setspec() Integer Overflow (and said exploit was used in PwnageTool/redsn0w/sn0wbreeze… NOT Saffron). I hope that clarifies everything more. --Dialexio 19:18, 7 July 2011 (UTC)
Ok. But we always talk about i0n1c's untether or so. This includes at least two exploits and is not mentioned sufficiently on the jb tools' pages. I suggest creating a new page, like for Saffron, where we can mention ASLR, credits, tools that use it, exploits used, heap feng shui, etc. For this exploit here, I assume this is the -1 encryption value (lenIV) bug (see http://t.co/q3KrcJA), right? This explains the Sandbox exit, but it does not explain circumvention of ASLR and privilege escalation. --http 10:04, 9 July 2011 (UTC)
Another related issue: On the Apple KB site they list three vulnerabilities related to Saffron. --http 02:42, 16 July 2011 (MDT)